How do I protect the privacy of my site's shared encryption key?

The shared encryption key is used by Ocean to encrypt a patient's personal health information (PHI) before it leaves the circle of care. Beyond the standard strong security precautions implemented by Ocean, it is the privacy of the shared encryption key that prevents third parties (including CognisantMD) from eavesdropping on patient information: without the shared encryption key, the patient's data cannot be decrypted and therefore cannot be viewed.

As a result (and in the spirit of PIPEDA / PHIPA and our privacy policy), it is important for health information custodians (HICs) to take precautions to ensure that the shared encryption key and its associated password remain private.

These precautions can unfortunately make it harder for clinicians to locate the shared encryption key when it is needed for legitimate clinical purposes. Losing the key entirely is worse, because it prevents health service providers from viewing potentially important clinical information about patients in Ocean. For tips on recovering your site's shared encryption key, please refer to: "Recovering a Lost / Forgotten Shared Encryption Key".

General Precautions for Protecting the Shared Encryption Key

Ocean provides some automated mechanisms to protect the privacy of the shared encryption key:

  • The shared encryption key is never sent across the network.
  • Every request to view the shared encryption key password in the Ocean Portal is logged.
  • The shared encryption key cannot be viewed from within an electronic medical record without first being authorized as a clinical administrator.
    • e.g. in PS Suite, the user is prompted to enter their Ocean username and password and is validated as an Ocean site administrator before the key is presented.

Best Practices for Clinical Administrators

  • Follow standard "strong password" security guidelines when choosing a shared encryption key.
  • Keep the "hint" for your shared encryption key sufficiently vague that an attacker could not easily use it to guess the key, find the key's physical location, or obtain it through social engineering.
  • Do not write down the shared encryption key in a public location (especially not on a whiteboard or a yellow sticky note next to the computer!).
  • Do not choose a hint that is merely a shortened or transformed version of the actual shared encryption key (e.g. a hint of "P@ssw0rd" for a key of "password").
  • Do not enter the shared encryption key in browsers on publicly accessible terminals.
  • Do not email the shared encryption key.
  • Do not store the shared encryption key on an external drive or cloud server without appropriate privacy and security protocols to restrict access.
  • If you print the shared encryption key, keep a known, limited number of copies of the printout and store them in a secure, locked location.
  • Do not re-use a personal password for the key.
  • Do not re-use a clinic-wide password for the key.
  • Do not re-use a shared encryption key used at any other clinic.
  • Have a process to change the key periodically, on a set schedule.
  • Consider using a trusted, secure password manager such as LastPass or 1Password to store the shared encryption key.
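The first, second and fourth points above (a strong key, a vague hint, and no hint that is just a disguised copy of the key) can be checked mechanically before a key is adopted. The following is an added example, not Ocean's or CognisantMD's code: it generates a candidate key from the operating system's CSPRNG, applies an assumed strength policy (minimum length, character variety, a small constructed deny-list of clinic and product words), and flags a hint that equals the key, is a leet-speak disguise of it, or reveals a run of four or more characters of it. The deny-list, the minimum length, the substitution table and the sample keys and hints are all constructed for illustration.

```python
"""Checks for a site's shared encryption key and its hint.

Added example (not CognisantMD's or Ocean's code). Assumes the key is an
arbitrary string chosen by the clinical administrator and that the hint is
free text shown to clinicians who have forgotten the key.
"""
import secrets
import string

# Substitutions a hint author might use to "disguise" the key ("P@ssw0rd").
# Assumption: this table is illustrative, not exhaustive.
_LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                       "7": "t", "@": "a", "$": "s", "!": "i", "|": "l"})

# Constructed deny-list: product name, role names and classic weak passwords
# must never appear inside the key once it has been normalised.
DENY_WORDS = ("password", "ocean", "clinic", "admin", "letmein", "welcome")

MIN_KEY_LENGTH = 16   # assumed policy: typical "strong password" minimum
MIN_OVERLAP = 4       # a shared run this long counts as the hint leaking the key


def normalise(text: str) -> str:
    """Lower-case, undo common leet substitutions, keep only a-z and 0-9."""
    text = text.lower().translate(_LEET)
    return "".join(ch for ch in text if ch.isalnum())


def _shares_run(a: str, b: str, n: int) -> bool:
    """True if any n-character run of a appears somewhere in b."""
    return any(a[i:i + n] in b for i in range(len(a) - n + 1))


def hint_leaks_key(key: str, hint: str) -> bool:
    """True if the hint is the key, a disguised copy of it, or a piece of it.

    "P@ssw0rd" as a hint for "password" is caught by normalisation; "horse"
    as a hint for "correct horse battery staple" is caught as a shared run.
    """
    k, h = normalise(key), normalise(hint)
    if not k or not h:
        return False
    if k in h:                      # hint contains the whole (disguised) key
        return True
    if len(h) < MIN_OVERLAP:        # too short to reveal a meaningful chunk
        return False
    return _shares_run(h, k, MIN_OVERLAP)


def key_is_strong(key: str) -> bool:
    """Length, character variety and deny-list checks (assumed policy)."""
    if len(key) < MIN_KEY_LENGTH:
        return False
    classes = sum(any(f(c) for c in key) for f in
                  (str.islower, str.isupper, str.isdigit,
                   lambda c: c in string.punctuation))
    if classes < 3:
        return False
    k = normalise(key)
    return not any(word in k for word in DENY_WORDS)


def generate_key(length: int = 24) -> str:
    """Random key from the OS CSPRNG, regenerated until it passes the policy."""
    alphabet = string.ascii_letters + string.digits + "!#$%&*+-=?@^_"
    while True:
        key = "".join(secrets.choice(alphabet) for _ in range(length))
        if key_is_strong(key):
            return key


def review(key: str, hint: str) -> list:
    """Return the list of problems found with a proposed key/hint pair."""
    problems = []
    if not key_is_strong(key):
        problems.append("key does not meet the strength policy")
    if hint_leaks_key(key, hint):
        problems.append("hint reveals the key or part of it")
    return problems


if __name__ == "__main__":
    # Constructed sample pairs: the first two are what the best practices warn
    # against, the third is a strong key with a vague hint.
    samples = [
        ("password", "P@ssw0rd"),
        ("correct horse battery staple", "horse"),
        (generate_key(), "ask the practice manager"),
    ]
    for key, hint in samples:
        print(f"{hint!r}: {review(key, hint) or ['ok']}")
```

Run it directly to see the three verdicts; in practice the generated key would be pasted straight into the password manager rather than printed.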